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LISTING OF THE CLAIMS; 



No claim amendments have been made. 

L (Previously presented) A method of processing semiotic data, comprising: 
receiving semiotic data including at least one data set P; 

selecting a function h, and for at least one of each said data set P to be collected, 
computing h(P); 

destroying said data set P; 
storing h(P) in a database, and 

obtaining a sample of P' such that a comparison can be made; 
at least one of obtaining and computing h(P'); and 

to determine whether F is close to a predetermined subject, comparing h(P T ) to 
available h(P)s to determine whether F substantially matches, but does not exactly match, 
one of said data set P, 

wherein said data set P cannot be extracted from h(P), 
wherein said semiotic data comprises biometric data, 
wherein said function h comprises a secure hash function, 
wherein the data set P is not determined perfectly by its reading, 
wherein each reading gives a number Pi, wherein i is no less than 0, wherein PO is for 
an initial reading, and a secret version of said initial reading is stored after further processing 



thereof, 
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wherein reading P0 is different from Pi for i > 0, and the secret version of P0 is 
different from the secret version of Pi, such that no identification is possible by a direct 
comparison of the encrypted data, 

said method further comprising: 

extracting sub-collections Sj from the collection of data in data set P; 
encrypting a predetermined number of such sub-collections such that at least 
one of the sub-collections is reproduced exactly with a predetermined probability, 

comparing encrypted versions of the sub-collections Sj with those data stored 
in said database, 

wherein if one or more of the sub-collection Sj matches with said data, then 
verification is deemed to have occurred, 

each time a Pi, with i > 0, is read, computing all possible predetermined size 
variations of Pi which correspond to an acceptable predetermined imprecision of the reading; 
and 

encrypting all such modified data, and comparing said encrypted modified data to 
data stored in said database, 

wherein for a plurality of users of the same biometric information, said 
biometric information is encrypted differently for each user, and 

wherein at least one of said data set P and P' comprises a personal data set. 

2-4. (Canceled). 
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5 . (Previously presented) A method of processing semiotic data, comprising: 
receiving semiotic data including at least one data set P; 

selecting a function h, and for at least one of each said data set P to be collected, 
computing h(P); 

destroying said data set P; and 
storing h(P) in a database, 

wherein said data set P cannot be extracted from h(P), 
the method further comprising: 

selecting a private key/public key (K, k) once for all cases; and 

one of destroying said private key K and sending said private key K to a trusted party; 

and 

choosing said function h as the public encryption function corresponding to k. 

6. (Original) The method according to claim 5, wherein said data set P cannot be 
extracted from h(P), except by the trusted party. 

7. (Previously presented) The method according to claim 5, further comprising; 

to determine whether some P' is a predetermined subject, comparing said h(P') to 
available h(P)s; and 

determining whether there is a match. 
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8. (Original) The method according to claim 5, wherein the trusted party comprises a 
panel of members, and 

wherein a secret is shared among the members so that only at least a predetermined 
number of panel members can reconstitute the secret in its entirety by putting together their 
share of the secret. 

9. (Previously presented) A method of processing semiotic data, comprising: 
receiving semiotic data including at least one data set P; 

selecting a function h, and for at least one of each said data set P to be collected, 
computing h(P); 

destroying said data set P; and 
storing h(P) in a database, 

wherein said data set P cannot be extracted from h(P), 

wherein the data set P is not determined perfectly by its reading, 

wherein each reading gives a number Pi, wherein i is no less than 0, wherein P0 is for 

an initial reading, and a secret version of said initial reading is stored after further processing 

thereof, 

wherein reading P0 is different from Pi for i > 0, and the secret version of P0 is 
different from the secret version of Pi, such that no identification is possible by a direct 
comparison of the encrypted data. 
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10. (Original) The method according to claim 9, further comprising: 
extracting sub-collections Sj from the collection of data in data set P; and 
encrypting a predetermined number of such sub-collections such that at least one of 

the sub-collections is reproduced exactly with a predetermined probability. 

1 1 . (Original) The method according to claim 10, further comprising: 

comparing encrypted versions of the sub-collections Sj with those data stored in said 
database 3 

wherein if one or more of the sub-collection Sj matches with said data, then 
verification is deemed to have occurred. 

1 2. (Original) The method according to claim 1 1 5 further comprising: 

each time a Pi, with i > 0, is read, computing all possible predetermined size 
variations of Pi which correspond to an acceptable predetermined imprecision of the reading; 
and 

encrypting all such modified data, and comparing said encrypted modified data to 
data stored in said database. 

13. (Original) The method according to claim 12, wherein for a plurality of users of the 
same biometric information, said biometric information is encrypted differently for each 
user. 
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14. (Previously presented) The method according to claim 1, wherein at least one of said 
data set P and P' comprises a personal data set. 

15. (Previously presented) A method of processing biometric data, comprising: 
acquiring unencrypted biometric data including at least one data set P; 
encrypting, with one of a secure hash function and an identity function, each said at 

least one data set acquired; 

destroying the unencrypted data set P; 

storing each of the at least one encrypted data set in a database, 

wherein unencrypted biometric data is not available nor retrievable from said data 

stored in said database, and 

to determine whether a data set P r is a predetermined subject, comparing an encrypted 

data set of P' to the at least one encrypted data set stored in the database to determine 

whether the data set P' substantially matches, but does not exactly match, the at least one 

encrypted data set stored in the database. 

16. (Previously presented) The method according to claim 15, wherein at least one of said 
data set P and F comprises a personal data set. 

17. (Previously presented) A method of extracting components of biometric data which 
are stable under measurement errors, comprising: 

acquiring unencrypted biometric data including at least one data set P; 



PAGE 8/28 * RCVO AT 12/16/2005 5:57:32 PM [Eastern Standard Time) • SVR:USPTO-EFXRF-6/34 • 0*08:2738300 • CSID: 703761 2375 " DURATION (mm-ss): 07-50 



12/16/2005 18:55 FAX 7037612375 MCGINNIPLAW. PLLC -* USPTO ©009 

U.S. Application No. 09/457,732 8 
Docket No. YOR919990137US1 
(YOR.080) 

encrypting each said at least one data set acquired to form at least one encrypted data 

set; 

destroying the unencrypted data set P; 

storing each said at least one encrypted data set in a database, 

wherein unencrypted biometric data is not available nor retrievable from said data 

stored in said database, and 

to determine whether a data set P 1 is a predetermined subject, comparing an encrypted 

data set of P f to the at least one encrypted data set stored in the database to determine 

whether there is a match. 

18. (Previously presented) The method according to claim 17, wherein at least one of said 
data set P and P' comprises a personal data set 

19. (Original) A method of extracting components of biometric data which are stable 
under measurement errors, comprising: 

acquiring unencrypted biometric data including at least one data set P; 

encrypting each said at least one data set acquired to form at least one encrypted data 

set; 

destroying the unencrypted data set P; and 
storing each said at least one encrypted data set in a database, 
wherein unencrypted biometric data is not available nor retrievable from said data 
stored in said database, 
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extracting sub-collections Sj from the collection of data in said data set P; and 
encrypting a predetermined number of such sub-collections such that at least one of 
the sub-collections is reproduced exactly with a predetermined probability. 

20. (Original) The method according to claim 19, wherein said data set comprises a 
personal data set, 

2 1 . (Original) The method according to claim 1 9, further comprising: 

comparing encrypted versions of the sub-collections Sj with those data stored in said 
database, 

wherein if one or more of the sub-collection Sj matches with said data, then 
verification is deemed to have occurred. 

22. (Original) The method according to claim 2 1 , wherein a data set P is not determined 
perfectly by its reading, such that each reading gives a number Pi, 

wherein i is no less than 0, 

wherein P0 is for an initial reading, and a secret version of said initial reading is 
stored after further processing thereof, 

wherein reading P0 is different from Pi for i > 0, and the secret version of P0 is 
different from the secret version of Pi, such that no identification is possible by a direct 
comparison of the encrypted data. 
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23. (Original) The method according to claim 21, further comprising: 
each time a data set is read Pi, with i > 0, is read, computing all possible 

predetermined size variations of Pi which correspond to an acceptable predetermined 
imprecision of the reading; and 

encrypting all such modified data, and comparing said encrypted modified data to 
data stored in said database. 

24. (Previously presented) A system for processing semiotic data, comprising: 
means for receiving semiotic data including a data set P; 

means for selecting a function h, and for each said data set P to be collected, 
computing h(P); 

means for destroying said data set P; 

means for storing h(P) in a database, wherein said data set P cannot be extracted from 
h(P), and 

to determine whether a data set P' is close to a predetermined subject, means for 
comparing h(P') to available h(P)s to determine whether data set P 1 is close to some P. 

25. (Previously presented) A system of processing semiotic data as in claim 24, wherein 
said semiotic data comprises biometric data. 

26. (Previously presented) The system according to claim 24, wherein at least one of said 
data set P and P 1 comprises a personal data set. 



PACE 1 1/28 * RCVD AT 12/16/2005 5:57:32 PM [Eastern Standard Time] * SVR:USPTO-EFXRF-6/34 * DNIS: 2738300 * CSID: 703761 2375 * DURATION (mm-ss):07-50 



12/16/2005 18:55 FAX 7037612375 



MCGINNIPLAW.PLLC 



-* USPTO 



@012 



U.S. Application No. 09/457,732 1 1 

Docket No. YOR9 199901 3 7US1 
(YOR.080) 

27. (Previously presented) A system for verifying biometric data without storing 
unencrypted biometric data, comprising: 

means for acquiring unencrypted biometric data including at least one data set P; 

means for encrypting each said at least one data set acquired to form at least one 
encrypted data set; means for destroying the unencrypted data set P; 

means for storing each said at least one encrypted data set in a database, wherein 
unencrypted biometric data is not available nor retrievable from said data stored in said 
database, and 

means for comparing an encrypted data set of a data set P' to said at least one 
encrypted data set of data set P to determine whether there is a match and to determine 
whether the data set P T is a predetermined subject. 

28. (Previously presented) The system according to claim 27, wherein at least one of said 
data set P and P 1 comprises a personal data set. 

29. (Original) A system for extracting components of biometric data which are stable 
under measurement errors, comprising: 

acquiring unencrypted biometric data including at least one data set P; encrypting 
each said at least one data set acquired to form at least one encrypted data set; 
destroying the unencrypted data set P; and 
storing each said at least one encrypted data set in a database, 
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wherein unencrypted biometric data is not available nor retrievable from said data 

stored in said database, 

extracting sub-collections Sj from the collection of data in said data set P; and 
encrypting a predetermined number of such sub-collections such that at least one of 

the sub-collections is reproduced exactly with a predetermined probability. 

30. (Previously presented) The system according to claim 29, wherein said data set 
comprises a personal data set. 

3 1 . (Previously presented) A signal-bearing medium tangibly embodying a program of 
machine-readable instructions executable by a digital processing apparatus to perform a 
method for computer-implemented processing biometric data, said method comprising: 

receiving biometric data including a data set P; 

selecting a secure hash function h, and for each data set P to be collected, computing 

h(P); 

destroying said data set P; 

storing h(P) in a database, wherein said data set P cannot be extracted from h(P), and 
to determine whether a data set P f is close to a predetermined subject, comparing h(P') 
to available h(P)s to determine whether data set P r is close to some data set P. 

32. (Previously presented) The signal-bearing medium according to claim 31, wherein at 
least one of said data set P and P comprises a personal data set. 
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33. (Previously presented) A signal-bearing medium tangibly embodying a program of 
machine-readable instructions executable by a digital processing apparatus to perform a 
method for computer-implemented verifying of biometric data without storing unencrypted 
biometric data, said method comprising: 

acquiring unencrypted biometric data including at least one data set P; 

encrypting each said at least one data set acquired to form at least one encrypted data 

set; 

destroying the unencrypted data set P; 

storing each said at least one encrypted data set in a database, wherein unencrypted 
biometric data is not available nor retrievable from said data stored in said database, and 

to determine whether a data set P f is close to a predetermined subject, comparing an 
encrypted data set of P T to said at least one encrypted data set to determine whether data set P' 
is close to some data set P. 

34. (Previously presented) The signal-bearing medium according to claim 33, wherein at 
least one of said data set P and P f comprises a personal data set. 

35. (Original) A signal-bearing medium tangibly embodying a program of machine- 
readable instructions executable by a digital processing apparatus to perform a method for 
computer-implemented extracting components of biometric data which are stable under 
measurement errors, said method comprising: 
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acquiring unencrypted biometric data including at least one data set P; encrypting 
each said at least one data set acquired to form at least one encrypted data set; 
destroying the unencrypted data set P; 

storing each said at least one encrypted data set in a database, wherein unencrypted 
biometric data is not available nor retrievable from said data stored in said database; 
extracting sub-collections Sj from the collection of data in said data set P; and 
encrypting a predetermined number of such sub-collections such that at least one of 
the sub-collections is reproduced exactly with a predetermined probability. 

36. (Previously presented) The signal-bearing medium according to claim 35 3 wherein 
said data set comprises a personal data set. 
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